035ab35d1d2ebb77f20e76705fa89027b1e95d254e27af63cf237626d1114238

Analysis

max time kernel
3150189s
max time network
132s
platform
android_x86
resource
android-x86-arm-20220823-en
resource tags

androidarch:armarch:x86image:android-x86-arm-20220823-enlocale:en-usos:android-9-x86system
submitted
27-11-2022 06:34

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

035ab35d1d2ebb77f20e76705fa89027b1e95d254e27af63cf237626d1114238.apk
Size

279KB
MD5

8c639c95c3aab18576db12f99e1b4043
SHA1

cde3b2aae9c5e7c46c4482d1e568faa6c10f64f7
SHA256

035ab35d1d2ebb77f20e76705fa89027b1e95d254e27af63cf237626d1114238
SHA512

cd09d5d8a0ea5c3a166a50366e5e2c94a2ca25cc6b49ccd7288ea2432369f360184a9d4037bfa912ebdf3cb7158eef9cbc58b6cfe47667a198cb091aca511ba3
SSDEEP

6144:j6vNUZtqFooucRm4r0ft7kUvcADXMJAU8YD8VnhsL6iPt5+fc9ttRo6NZC:zPma94r0fVkUEAjxYD8S6cnXZC

Score

7^/10

evasion ransomware

Malware Config

Signatures

Acquires the wake lock. 1 IoCs

Processes:

com.android.ef6jmgu.cf56ygv

description ioc process

Framework service call android.os.IPowerManager.acquireWakeLock com.android.ef6jmgu.cf56ygv
Makes a phone call. 1 IoCs

Processes:

com.android.ef6jmgu.cf56ygv

description ioc process

Intent action android.intent.action.CALL com.android.ef6jmgu.cf56ygv
Reads information about phone network operator.
Removes a system notification. 1 IoCs
evasion

Processes:

com.android.ef6jmgu.cf56ygv

description ioc process

Framework service call android.app.INotificationManager.cancelNotificationWithTag com.android.ef6jmgu.cf56ygv
Uses Crypto APIs (Might try to encrypt user data). 1 IoCs
ransomware

Processes:

com.android.ef6jmgu.cf56ygv

description ioc process

Framework API call javax.crypto.Cipher.doFinal com.android.ef6jmgu.cf56ygv

description	ioc	process
Framework service call	android.os.IPowerManager.acquireWakeLock	com.android.ef6jmgu.cf56ygv

description	ioc	process
Intent action	android.intent.action.CALL	com.android.ef6jmgu.cf56ygv

description	ioc	process
Framework service call	android.app.INotificationManager.cancelNotificationWithTag	com.android.ef6jmgu.cf56ygv

description	ioc	process
Framework API call	javax.crypto.Cipher.doFinal	com.android.ef6jmgu.cf56ygv

com.android.ef6jmgu.cf56ygv
1⤵
- Acquires the wake lock.
- Makes a phone call.
- Removes a system notification.
- Uses Crypto APIs (Might try to encrypt user data).
PID:4088

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/Cookies
Filesize
64KB

MD5
cb7543c4df600f2af58097cce0e334ba

SHA1
83cc92f38c27fdb4fa519b1ce2f37912f24af1f0

SHA256
64c022ae708f94ffde986e105d88f708884de325720bfb9925c4160a6d417233

SHA512
ad51cad0472327bd68aa2d791341cfafed58971752352537bb603ed18b15a3f9185e9150983a28ecd09606e8dcaef6d1c9d93213dd246ef7720f39842eb3d980

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/Cookies-journal
Filesize
1KB

MD5
a0f128433235b019d04d1d7fd32abb25

SHA1
71343da0c810e61358909c77fb333486a12012ee

SHA256
be1111926b8f859a423b95de5d326586e2818228ce5453768ba077cb5dd42256

SHA512
a663bf52f21ffd763981d25317ee71510b9a77bd7c5032bf6defed5a6257f667a7167950b1aaf304031b1b066eba3952f37c7b0914bbf43b25bd9ed4c08162bc

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/GPUCache/index
Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/GPUCache/index-dir/temp-index
Filesize
48B

MD5
3c6616a669574c52bf040104443e65c4

SHA1
4fd691e60ce7ce0445ce1d8e5953ccd625d84b07

SHA256
017f4c98bba73c16041a8c8449dbad699d2f7ee0d3f1d1fc15bd6daebf978288

SHA512
7e158ec82239266a04164e063ebda33017456d60119c3f2e9c23b79924f782292fa2671808e03f384b096a8df21ea3d57fa840e8f5db417561a36c57b41138df

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/Web Data
Filesize
104KB

MD5
dc79f9ce5f3ab5270b33e61119dfc959

SHA1
1844bf222a5144b513dcf2fb50a18c011701c647

SHA256
47e65f4de08deabfd52ecdb8b0a29c61c482188b92c36182e2112ca0a8f4ff65

SHA512
18b8894a7f35df516f423bbdebf1e05ce09eaf4345b139e59e603cadb81f8d1fa20f793438c28e8fd9a64e64f0684223d90ce6f10d3f93cb0c781049a8cff03e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/Web Data-journal
Filesize
1KB

MD5
dbe2a09b79fbb42b84b75a2aa85f2a63

SHA1
b1d37dfa3fc6ea3744ceb00545f8b13247958724

SHA256
7c634cd30cc6be3942605a3451770ea8fa02fc51c6fb9516e05934e4882e7331

SHA512
40d420b28395ed1e63ababb969014e60c51d5a06f44830c04e9f2b37e394a7b8fdd420d7fc6edbf51db2e1c66f69c5a379d8af12c62d076ce9ef58daf577a1a8

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/metrics_guid
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/metrics_guid
Filesize
36B

MD5
8f8e44cf72d2aace55dd18166e7b00a8

SHA1
0fb22a5a9d7eb016df5860c507cf674ba3800ddf

SHA256
09f36da67ac155f57402e9ae7d68d1bc6a70291f05523132cb94000991a60e7e

SHA512
b40ec17ecea38b6a7d5896a5679952c47e05ad34cf50ced49d4c806e5bb361b323b07c9c91ed57b51c41de6d6974b59347a45b78f3039f9e8d720f1713ff0545

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/variations_seed_new
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/variations_stamp
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/app_webview/webview_data.lock
MD5
d41d8cd98f00b204e9800998ecf8427e

SHA1
da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

SHA512
cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/cache/org.chromium.android_webview/a236b50deb4f1d1d_0
Filesize
44B

MD5
194e30c75f988a7b62507e22443f0695

SHA1
a0ff84d4aae4551fe14b051a8f056b7b7666bfcc

SHA256
c1d948e600f0e80f49a0d61561178f3d6b07250e95926414786a824682976618

SHA512
32f63808727f73e36dd730209a0dd70e35c43b32fce1d37b511e36e10661f7ce257769fda6dc0105dd2fd808ff2adaf9e813c46ffd3e0eec99dbc4dc1836bc69

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/cache/org.chromium.android_webview/index
Filesize
20B

MD5
93027d42b314432c4216e6cfca48b384

SHA1
43448dd8102979c3926828182579691945eedd4e

SHA256
3cda72e67c62e52a342309c44f2cb3b6c1019c7b11822e2f628e48e254e2b41c

SHA512
a52d13cf7f5be196d1e2f135b8a010f80558c5d35e90e7792441d1c976517d55cf1c9587949db69ebef294cc6ef79529a65e7d779964793016efecacd152f70e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/cache/org.chromium.android_webview/index-dir/temp-index
Filesize
72B

MD5
4f008d29d6c579fe4da351a6059033b7

SHA1
54b4e26708072f4f35a08fd32968b074659cd7ed

SHA256
d184eddf5f0b7d4b1624234a0d2ee8d89f5383e12f3302134eb27a0c31c0e8ff

SHA512
3bea30f024e961891e3bdbd0a450d44e79bfc0d770599f693ec82ae37ea606a7a473c47a50246a35b92518ea655451c30c33bffd67c6b4b515fd84c882fa4dd4

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/files/.imprint
Filesize
901B

MD5
3e0a577b3e04e531ea97cc7fac94a132

SHA1
a6835a2e2193fbd8587c86fc9269c5b371b7f4b6

SHA256
ba7de16c34b897b84d9d9e516fe340ad800498db81f914e041b6bbf3564d4d60

SHA512
225408cb0fb62ed994a319c25b9be23388f0f3c864fe7d7be467d10bbe8b9a3c2c980a29602e8243b7ef42a85224a7e43c1a2036382552f538f14d0de50dc5bd

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/files/umeng_it.cache
Filesize
310B

MD5
fff6efa4615d08b57a683223767bc225

SHA1
8bb17cbb2ae7c406bfc2eb3927a41788f0ce50ec

SHA256
f4ebab82ebbbd06ca954f686101d2fca3d29b428bdd802ffc0f792baf0fd3931

SHA512
df2060da7d56b7ec22448c41a4ba6a45a1ec9b12207f21767bbfdaa0451272c1532a7d5e48d815509d9f029894d3189aa36d9a4b7fc315ba6a406e9266fae054

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/shared_prefs/WebViewChromiumPrefs.xml
Filesize
127B

MD5
21223e9184445fe043476484cd8cb1f9

SHA1
2b4813f849121d60ba35eb0889080668bb62c778

SHA256
bb61b7c087c2ae2de93a7740ff75707342940557146366e92b840284cd9446af

SHA512
be21408de0cc643650e5d9ab9057a8f9de88e37fbdc6417cfeba160402ec4cd14fccbc82cbbfd941ecfc0bb3d4056ee61ac199efdc99d647d53e65818835fd48

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/shared_prefs/ui.xml
Filesize
111B

MD5
7aabe1b47d1509c13180f39ac3c1aad8

SHA1
c0d2782171a3ba3bab7070064ea10ca9f59b893a

SHA256
077dd5cff0f24a3053128eb010369043a498b0152adae4f493b5ca27849375a0

SHA512
540ee4e97ea6a52883a719d0257456b39eba4e388b17baa667731267644a0a8858ddbc8b0381917eda19569491b1bea6e78b21cfcd7b19e92953721b9bf4fa86

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/shared_prefs/ui.xml
Filesize
154B

MD5
bba2382169520638ea0dba6fd978096d

SHA1
95e5172a634b12fa3c3c9b327c146a43ccba3b25

SHA256
a4d9a6f6d491f8b786762892a3d9ae8b007a35480d74057ba11bdf68a5f2bc8c

SHA512
bef1a33fee3b5450c260aaa34ac32b88bee77120f8c9c596081f1271a4b7eb2b95492b8742f22f85188ee4433bbc9f70bb494e4192a22775851bda6bda64116e

Download Submit
/data/user/0/com.android.ef6jmgu.cf56ygv/shared_prefs/ui.xml
Filesize
208B

MD5
520fdbccfa2c09067311a62181c8d430

SHA1
497b55bf016439c26f6d5b106f294f0047ec0a1e

SHA256
ed58c782c905c0481d92828c2abfb12f45434368b2928874203ef773b3237b0c

SHA512
726386435f5242652c30172c75b3580ed035faca5496331b5fd8db321780cc9f420d3667a2a108847254073ccefac8733f104009f6ee9e3906dde00a28136344

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads